I sat down with Mike Shutz (General Manager, Product Marketing, Server and Tools Division at Microsoft) at TechEd North America 2014. As you’ll see, this recent meeting wasn’t the typical media Q&A session; instead this was a conversation. In part one of this interview, we discussed In part two of this interview, we discussed the hybrid cloud and Microsoft Azure. Today in part two, we discuss end user computing and IT pros’ fears of losing their jobs to the public cloud.

Aidan Finn: We have seen a certain fear out there in the IT pro community. Some IT pros think that Microsoft is trying to take their jobs with the public cloud. And not necessarily just Microsoft. How would you respond to that sort of comment?

Mike Shutz: I think similar to the conversation you had about the evolution of the systems integrator to working the cloud, the same evolution is happening with IT jobs today. We see IT professionals who have embraced the model and learned these new skills, and they’re more in demand than they have ever been. IT pros who know how to integrate the cloud with the applications and services that they already run are in such high demand today. We think that this is a career enhancer or accelerator – very much opposed to trying to replace them. Their jobs are going to change, but I would argue they’ll be more valuable.

Think about a mechanic in the automobile industry 20 years ago. There was value in tuning a carburetor by hand. Mechanics don’t do that anymore – they plug in a computer; they’re creating higher-value services for the people who have those cars. The same thing is happening in IT. Their jobs will change, but they’ll be more valuable to the business than they ever have been.

AF: How would you differentiate between the Microsoft stack (Windows Server, System Center, Windows Azure Pack, and Azure) and your competitors?

MS: If you look at what we’re focused on, we’re the only organization that, one, offers first-party services like Office 365 that are at global scale. So we have the killer apps that are SaaS services. The second thing is we’re taking the platform that those run on, making those available for any application to be built on and /or virtual machines to run on in Microsoft Azure. We’ve got the SaaS apps. We also have a great platform for cloud running in our data centers.

For enterprises and service providers what we’re doing is taking those experiences and bringing those right back into our products so that our partners and enterprise customers can build their own clouds using the experience and knowledge that we’ve gotten in the public cloud by building something that can handle Titanfall, or building something that can handle the Sochi Olympics (Winter 2014), using exactly the same version of Hyper-V that they run in their environment every day or that you run in your lab every day. There’s no other vendor that has that breadth and provides this virtuous cycle of innovation where we learn in the cloud every day and break barriers: 100,000 virtual machines on day 1 for a game, 100 million people watching the Sochi Olympics. We’re battle testing this stuff in our data centers and then bringing it to our customers every day. That virtuous cycle is impossible to replicate if you’re not building and delivering at cloud scale.

AF: It’s a nice matrix. Of the announcements today [in the earlier keynote at TechEd NA 2014], which one excited you the most?

MS: There are a couple. The (Azure) Site Recovery capabilities can help customers who aren’t currently protecting their applications today because building a secondary site is expensive. For us to help customers to protect the virtual machines they’re building, I think Site Recovery is really exciting for us. So that’s in the hybrid world.

In the end user computing world, I think that the ability to do app wrapping for Office across platforms, iOS, Android, and of course, Windows, that is really exciting to drive (Windows) Intune forward.

Whether it be hybrid cloud or in end user computing, those are two pretty significant announcements.

Sponsored

AF: Windows Intune has evolved quite a bit since its original release. I’m not seeing that many deployments of Windows Intune, which I find unfortunate because I think it is a superb solution. I’ve seen it go into an NGO and their IT staff were immediately able to take control of PCs in some of the most deprived regions in the world. What do you think Intune needs to do to gain more traction in the market? What do you think people are not understanding about Intune?

MS: I think in most cases people aren’t aware of the maturity that you just described. One of the things we’re very focused on is helping customer understand how far Intune has come from its first iteration. A lot of people don’t realize that it manages cross platform devices today. I’m continually surprised that a lot of people still don’t realize that they can manage iOS and Android devices with the Intune service. That’s very much what we’re focused on. We have customers here like Callaway Golf who have replaced AirWatch with Intune. The capabilities have come a long way. It’s events like this where we’re trying to help customers get their hands on it and really take advantage of what’s there, because it really has come a long way. And then we’re also trying to show what’s coming in the fall. We talked today about app wrapping for the Office app so that IT can protect the data but still let users use whatever device the want to bring into the organization. We’re driving awareness there.

The Enterprise Mobility Suite (EMS) is an important part of that. By bringing together Azure Rights Management (aka Rights Management Services or RMS), Azure Active Directory Premium, and Intune, all in one low cost easy-to-purchase suite, we’ve allowed customers to really get a full set of enterprise mobility solutions in one package. We’re already seeing a great pickup of EMS just since we announced it a few weeks ago [March 27, 2014].

AF: It’s a great value bundle.

MS: Yeah, $4 (the list price $7.50, but there is a time-limited discount) per-user (per-month), not per device.

AF: And that’s for an unlimited number of devices?

MS: Unlimited devices, per-user, for $4. You go to any one of those point solutions, whether it be for MDM (mobile device management), data protection, or for identity… point solutions across any one of those are more than $4 just for per-device or just for standalone. By putting it all together for a per-user price it’s really approachable. We think that it’s going to be really appealing for customers.

AF: I can think of a certain digital intelligence organization in the USA that would have liked to have had RMS a year ago, and maybe they wouldn’t have had so many leaks!

Regarding RMS, I can’t speak for the American market, it’s been around for quite some time in Active Directory, and now we have it as a cloud service, and as a part of the EMS bundle, in Europe it seems that not many people know about RMS. Not many government organizations seem to be using functionality like this that could be helping them control data access, no matter where it goes. Do you think that’s going to change?

MS: I think security and data protection at the file level is becoming more and more important. And so we definitely see customers evolving their thinking to not just protecting a device, or protecting an application, but really trying to get down to the file level. We’ve never had as many inquiries and questions and excitement about file level data protection with RMS than we have today. And because so many customers are now using Office 365 that has Azure Active Directory built in, really there’s a great fly wheel that’s getting created where customers can very easily take advantage of this capability because they’ve already deployed Office 365 or they’re about to. There’s great things ahead but we continue to need to drive awareness of it.

AF: It’s a very powerful piece of functionality, and like some of the other elements of Office 365, once the organization has migrated or started to migrate, lighting up those features isn’t very difficult.

MS: Historically, deploying RMS on-premises was pretty hard. The cloud makes that so much easier.

AF: Dealing with the complexities of PKI…

MS: That’s right. The cloud-deployment model is perfect for this type of a solution. We’ll still federate with an on-premises deployment for key management and so forth.

AF: One of the hot topics at the moment is BYOD [bring your own device]. Windows Intune and EMS integrate with Office 365 and Windows Azure Active Directory. That puts Microsoft in a unique position. And the keystone is identity.

MS: Yes, absolutely. If you look back at what drove Active Directory penetration a decade ago, it was a killer app called Exchange. In the cloud nothing has changed. Collaboration and email have become the killer app, and Office 365 is really driving that and showing that to be true. Azure Active Directory is built into all of those deployments. By using the capabilities of Azure Active Directory Premium to do app management… you saw (Cloud) App Discovery… so you can go into an organization and say “These are the SaaS applications that you’re users are using. Why don’t you throw a bow around those and make sure that you’re providing single sign-on so that users have a great experience, but IT has control.”

If that user leaves the organization you can cut that wire and keep those people from accessing applications once they’ve left the company. Combining a great experience for end users and the control for IT really provides high value for organizations. We see a lot of interest in the Enterprise Mobility Suite just for that particular capability. And then when you say that you can get mobile device management and app management with Intune, just included because you’ve already bought the EMS suite, and you can get data protection with RMS, it just becomes a no-brainer.

I would like to thank Mike for spending time with me on what was a very busy day at TechEd, and thanks too to the PR team for organizing and scheduling the meeting.